<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Account extends CI_Controller {

	public function index()
	{
        if ($this->session->userdata('logged_in') && $this->session->userdata('user'))
        {
            $sql  = "SELECT `first_name`, `last_name` FROM `accounts` ";
            $sql .= "WHERE `id` = ?";
            
            $query = $this->db->query($sql, array($this->session->userdata('user')));
            
            if ($query->num_rows > 0)
            {
                $row = $query->row();
                
                $data['firstname'] = $row->first_name;
                $data['lastname']  = $row->last_name;
                $data['title']     = "My Account";
                
                $this->load->view('templates/header', $data);
            	$this->load->view('account/index', $data);
                $this->load->view('templates/footer');   
            }
                
        }
        else
        {
            redirect("account/login");    
        }
	}
    
    public function register()
    {
        
        $this->form_validation->set_message('matches', 'Password do not match');
        $this->form_validation->set_message('required', 'The %s is required!');
        
        $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email');
        $this->form_validation->set_rules('password', 'Password', 'trim|required|matches[passconf]');
        $this->form_validation->set_rules('firstname', 'First name', 'trim|required');
        $this->form_validation->set_rules('lastname', 'Last name', 'trim|required');
        $this->form_validation->set_rules('gender', 'Gender', 'required');
        $this->form_validation->set_rules('contact', 'Contact number', 'trim|required');
        $this->form_validation->set_rules('address', 'Address', 'trim|required');

		if ($this->form_validation->run() == FALSE)
		{
			$data['title'] = "Register Account";
       
            $this->load->view('templates/header', $data);
    		$this->load->view('account/register', $data);
            $this->load->view('templates/footer');
		}
		else
		{
		  
            $email     = set_value('email');
            $password  = set_value('password');
            $firstname = set_value('firstname');
            $lastname  = set_value('lastname');
            $gender    = set_value('gender');
            $contact   = set_value('contact');
            $address   = set_value('address');
            
            $sql  = "INSERT INTO `accounts` (`email`, `password`, `first_name`, `last_name`, `gender`, `contact`, `address`) ";
            $sql .= "VALUES (?, ?, ?, ?, ?, ?, ?)";
            
            $this->db->query($sql, array($email, $password, $firstname, $lastname, $gender, $contact, $address));
          
			$data['title'] = "Registration Successful";
       
            $this->load->view('templates/header', $data);
    		$this->load->view('account/successful');
            $this->load->view('templates/footer');
		}
    }
    
    public function login()
    {
        if ( ! $this->session->userdata('logged_in'))
        {
            $this->form_validation->set_message('required', 'The %s is required!');
        
            $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email|xss_clean');
            $this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');
            
            if ($this->form_validation->run() == FALSE)
            {
                $data['title'] = "Login";
                $this->load->view('templates/header', $data);
            	$this->load->view('account/login', $data);
                $this->load->view('templates/footer');            
            }
            else
            {
                $email    = set_value('email');
                $password = set_value('password');
                
                $sql  = "SELECT `id`, `first_name`, `last_name` FROM `accounts` ";
                $sql .= "WHERE `email` = ? AND `password` = ? LIMIT 1";
                
                $query = $this->db->query($sql, array($email, $password));
                
                if ($query->num_rows > 0) 
                {
                    $row = $query->row();
                    $this->session->set_userdata('logged_in', "true");
                    $this->session->set_userdata('user', $row->id);
                    redirect('account', 'refresh');
                }
                else
                {
                    $this->session->set_userdata('message', 'Invalid email or password.');
                    redirect('account/login');
                }
            }    
        }
        else
        {
            redirect('account');
        }
        

    }
    
    public function logout()
    {
        if ($this->session->userdata('logged_in') OR $this->session->userdata('user'))
            $this->session->sess_destroy();
            
        redirect('account/login', 'refresh');
    }
}

/* End of file welcome.php */
/* Location: ./application/controllers/welcome.php */